none
WCF security RRS feed

  • Question

  • Hello,

    I got list of security requirement from my client. I want to know if WCF support these requirements and how.

    The relevant requirements are the following:

    1. The system should use SAML or equivalent for end-to-end message encryption
    2. The system should employ application layer security standards:

    WS-Security

    WS-Policy

    WS-SecurityPolicy

    WS-Addressing

    WS-ReliableAddressing

    1. The system should authenticate users prior to sending WSDL

    Thanks,

    Yocheved

    Thursday, January 30, 2014 9:54 AM

Answers

  • Hi,

    In the wcf, it can support the requirement.

    >>The system should use SAML orequivalent for end-to-end message encryption

    This is the WCF way to do with SAML token by using a custom client SAML token provider, have a look on it:
    #SAML Token Provider:
    http://msdn.microsoft.com/en-us/library/aa355062.aspx .

    For your second question, you can use the wsHttpBinding to apply the security. And there are many type of authentication ways in the wcf, please try to check it:
    #Authentication and Authorization in WCF Services:
    http://msdn.microsoft.com/en-us/library/ff405740.aspx .

    Best Regards,
    Amy Peng


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, January 31, 2014 4:39 AM
    Moderator